Palo Alto Firewall Security Engineer
6-month contract
New York, NY - Fully Onsite
The primary responsibility of the Network Security Engineer is to work closely with Senior Network Engineers and Network Operations Managers to install, configure, operate, and maintain the core network infrastructure with a focus on Palo Alto Networks security appliances. The role ensures that security standards and best practices are implemented across the Enterprise, including both Campus and Datacenters.
General Responsibilities
· Provide technical security leadership, specifically around Palo Alto firewall solutions, for large network deployment projects.
· Lead project-based work, from inception through completion, delivering high-level and mid-level design for network security infrastructure.
· Create and manage configuration files and templates for Palo Alto firewalls and Panorama management solutions.
· Configure policies and Access Controls to ensure data protection and network security.
· Assess, determine, and predict the impact of network moves, changes, and additions with a focus on Palo Alto environments.
· Standardize switch and router configurations across platforms, ensuring seamless integration with security devices.
· Communicate technical status, risks, and issues to key stakeholders in a clear and concise manner.
· Troubleshoot complex, second- and third-level security issues, particularly those involving Palo Alto firewalls.
· Collaborate with vendors, especially in relation to Palo Alto Networks products and associated solutions.
· Provide flexible support during off-hours for deployment schedules (early mornings, late nights, weekends) and participate in on-call rotation.
· Ensure network designs are scalable, high-performance, and meet security requirements.
Operations
· Manage and maintain Panorama for centralized administration and monitoring of Palo Alto firewalls.
· Troubleshoot and resolve issues in Palo Alto firewall deployments and Panorama-managed configurations.
· Capably follow enterprise change control processes to ensure smooth operation and deployments.
Documentation
· Develop clear and concise documentation for the design, configuration, and deployment of Palo Alto Networks infrastructure.
· Create user documentation as needed for both technical and non-technical stakeholders.
Customer Service
· Build and maintain strong relationships with internal teams and external stakeholders, ensuring effective communication on network security tasks.
· Collaborate with IS colleagues to ensure alignment on all security-related projects and network engineering tasks.
· Participate actively in discussions to define and clarify user requirements.
Key Criteria
· 3-5 years of experience in network security with a heavy focus on Palo Alto Networks solutions.
· Bachelor’s degree in Computer Science or a related field.
· Expertise in TCP/IP networking concepts, with experience in BGP, EIGRP, OSPF, STP, NAT, HSRP/VRRP, VRF, QoS, and multicast.
· Experience with Palo Alto Panorama, creating and managing configurations for large-scale, multi-site deployments.
· Proven ability to lead project-based work, focusing on mid to high-level design of network security architectures.
· Strong analytical skills for troubleshooting Palo Alto firewalls and Panorama configurations.
· Familiarity with Cisco ASA and Arista networking products.
· Experience with packet tracing/sniffing tools for diagnosing network issues.
Highly Desirable Experience
· Expertise in Palo Alto Networks Firewalls (3k/5k/7k series) and Panorama, including Log Collectors and Cloud-based firewalls.
· Cisco ASA VPN appliances and routing/switching expertise.
· Experience with Splunk and SIEM platforms for logging and monitoring.
Attributes
Ability to work independently on projects and tasks in a dynamic, fast-paced environment with minimal supervision.